I have tested this on the server test rig, and it did not change
server side behaviour (in a way that breaks the defined tests).
I've also stared at the code a bit and tried to figure out what is
going on, and came across a slightly incomplete comment for
key_state_test_auth_control_file() which has escaped the dragon's
wrath - rewritten to match my understanding of the function.
Ditto for the comment in ssl_verify.h for tls_authentication_status(),
which was not updated to reflect the removal of TLS_AUTHENTICATION_UNDEFINED
(slightly moot as the "exponential" patch will remove that parameter
and the comment with it).
Your patch has been applied to the master branch.
commit 9a4305020777ce92d4143828b39027f43951ac32
Author: Arne Schwabe
Date: Thu May 6 16:12:59 2021 +0200
Return cached result in tls_authentication_status
Signed-off-by: Arne Schwabe <a...@rfc2549.org>
Acked-by: Antonio Quartulli <anto...@openvpn.net>
Message-Id: <20210506141259.309741-1-a...@rfc2549.org>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22318.html
Signed-off-by: Gert Doering <g...@greenie.muc.de>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
